Application Security Testing: An Integral Part of DevOps
IntroductionThis program locks keyboard and mouse on computers running Windows 9x.
My boss needed something that would prevent users from using the computer at a specified time (e.g., 7 PM). But the user was to be able to use it again next morning (e.g., at 9 AM). The software was intended for use only on Windows 9x systems. After searching for something similar, I decided to write my own.
The result is presented here. At a specified time, it turns off all special keys (Ctrl-Alt-Del, Alt-Tab, Ctrl-Esc, Windows key), then intercepts all keyboard input, as well as WM_LBUTTONDOWN event, so that the user won't be able to do anything on the computer. Rebooting doesn't help either, because this program automatically runs at startup (I know, it might look like a Trojan horse, but that was my requirement :))
int idHook: Specifies the type of hook procedure to be installed. In this case it is WH_KEYBOARD
for keyboard hook and WH_MOUSE for mouse hook.
HOOKPROC lpfn: Pointer to the hook procedure. Since I want to install a system-wide hook, it must point to a hook procedure in a dynamic-link library (DLL).
HINSTANCE hMod: Handle to the DLL containing the hook procedure pointed to by the lpfn parameter.
DWORD dwThreadId: Specifies the identifier of the thread with which the hook procedure is to be associated. If this parameter is zero, the hook procedure is associated with all existing threads running in the same desktop as the calling thread.
To disable special keys (Ctrl-Alt-Del, Alt-Tab, Ctrl-Esc, Windows key) I used SystemParametersInfo() function with SPI_SETSCREENSAVERRUNNING flag. Even though applications are not supposed to use this flag, because it is used internally in Windows 9x, it does the job.
On startup, the program checks if there is another instance of the same program running. If so, it terminates. Otherwise, it checks where it is run from, and tries to install itself in System folder and RunServices key of Windows registry. Afterwards, it renames itself to "mskml32.exe" and tries to delete the original file. Default start time is set to 7 PM, and default end time is 9 AM. These times are specified in "HKLM\Software\Windows\CurrentVersion\Explorer\Services" key. At a specified start time it disables special key combinations, and installs keyboard and mouse hooks. At any time you can type "unl0ck" to remove hooks and enable special key combinations. By the way, in this version password is hard-coded into the program. You are welcome to modify the source code, so that it checks a password from some other location.
Feel free to adapt this program to your special needs. It's a great way to learn how hooks work.